Finger Tip

On its face, Attorney General John Ashcroft's plan, announced last week, to fingerprint about 100,000 foreigners visiting the United States each year sounds prudent. Since "fingerprints don't lie," as Ashcroft recently put it, fingerprinting visitors from Arab and Muslim nations should be a reliable way of identifying terrorists who would otherwise quickly disappear inside the country. In fact, until recently even liberals endorsed this logic. When Ashcroft informed a House subcommittee this February that the Immigration and Naturalization Service (INS) had already "found a number of hits of people trying to come in ... that we have pulled out of the line, and they have their fingerprints examined," Rhode Island Representative Patrick Kennedy called the idea "super," adding, "I think it's essential."

Of course, now that Ashcroft is turning this erstwhile pilot project into federal policy, most liberals are decidedly less keen. "[W]hat impact do you think these policies will have on the Arab and Muslim communities in the U.S. if you're holding job fairs in the morning and fingerprinting them in the afternoon?" Kennedy's father, Massachusetts Senator Ted Kennedy, complained at a hearing last week. But the real problem isn't that Ted Kennedy is right this time around. Any infringement on civil liberties would likely be marginal: None of the candidates for fingerprinting would be American citizens or permanent residents, and many would come from countries on the State Department's terrorism list--visitors the law technically requires to be fingerprinted already. The real problem is that Patrick Kennedy was wrong in February. For all its intuitive appeal, fingerprinting probably won't stop determined terrorists from crossing the border.

Under Ashcroft's plan, visitors traveling to the United States on foreign visas would be profiled according to certain characteristics (presumably gender, age, country of origin, etc.) and pulled aside at their point of entry (airport, seaport, or border crossing) for fingerprinting. While they wait, these fingerprints would be checked against various databases related to possible terrorist intent. Ashcroft envisions three specific ways of using the prints: running them through a "database of thousands of known terrorists"; running them through a "database of wanted criminals"; and adding them to existing databases in hopes of preventing would-be terrorists from reentering the country under different identities.

The first sounds like the most obvious--a simple matter of inputting fingerprints into a computer to determine whether or not they belong to a terrorist. Alas, Ashcroft's database of "known terrorists" does not, in any meaningful sense, exist. While it's true that American intelligence officials have dusted Al Qaeda training camps for fingerprints--and that these prints have since been catalogued--America's months-long bombing campaign and the notorious Afghan winter probably damaged those prints' legibility. As Peter Higgins, a former program director for the FBI's fingerprint database, notes, fingerprints exposed to fire or precipitation are "not likely to be very useful." Beyond that the pickings are slimmer still. Just about the only other places to get fingerprints for at-large terrorists are the sites of terrorist attacks. But here, too, the prints are mostly smudged, damaged, or partial. "If you go to places like the Khobar Towers bombing," explains former State Department counterterrorism official Larry Johnson, "there aren't a lot of prints to pick up there." Moreover, given the popularity of suicide attacks, many of the terrorists whose prints might be found are dead--unlikely candidates for a repeat offense. So it's not surprising that when asked just how many terrorist fingerprints he had, Ashcroft quickly backed off his claim of "thousands" and conceded, "I'm not sure exactly how many."

Of course, even if the database contained only a hundred prints, it would still be a good idea to keep these would-be terrorists out of the country. The problem is that, as a sheer statistical proposition, there's little chance of scoring a match between this limited number of prints and the 100,000 foreign visitors Ashcroft plans to fingerprint each year. That's especially true given that the Justice Department will only print two fingers--the index finger of each hand--per person. If those two fingerprints don't happen to be among the ones the FBI has collected, the fingerprintee will sail through customs even if he's technically in the database.

Given the weakness of Ashcroft's database of terrorist prints, it seems logical that visitors' prints will also be matched against two, much larger criminal databases--the FBI's Integrated Automated Fingerprint Identification System (IAFIS), and the INS's "ident" system, both of which include both index fingers. Indeed, the "1,400 wanted criminals" Ashcroft claims to have arrested during the recent five-months-long pilot project come courtesy of the prints in these databases.

Unfortunately, while those 1,400 people make for an impressive law enforcement statistic, they leave much to be desired as a counterterrorism statistic. That's because IAFIS and ident are databases of conventional criminals and illegal aliens, not terrorist suspects. Anyone arrested anywhere in the country for a serious misdemeanor or felony--from firecracker-smuggling to murder--shows up in IAFIS, which, to date, "enrolls" about 44 million people. Likewise, the roughly two million sets of fingerprints in ident include anyone who's been deported for committing a crime or who's been caught entering the country illegally--the vast majority of whom cross the border from Mexico. The result, according to former CIA Counterterrorism Chief Vince Cannistraro, is that there's basically "zero" overlap between the profile of the average IAFIS and ident criminal and the profile of the average terrorist, who is not likely to have a criminal record outside his terrorist acts.

It's the final pillar, however--creating a new database of prints to prevent foreign visitors from reentering the country under different identities--that is perhaps the least promising of all. Just consider the chain of events necessary to produce a positive identification. First the person would have to get a visa and enter the country legally, at which time he would be fingerprinted. Then that person would have to leave the country and, for whatever reason, not be able to obtain a visa the second time around, causing him to apply for a visa using fake or stolen identification. Finally, if he's one of the lucky few who gets fingerprinted a second time, we nab him when it turns out his fingerprints match the name he traveled under previously and not the one he's traveling under now.

Such a chain of events is pretty difficult to imagine. For one thing, people who can get a visa the first time around--whether under their real identity or an assumed one--are likely to be able to get a second one under the same identity. More importantly, many visas are valid for multiple entries to the United States. So even if someone entered the country on a temporary visa and then left and committed a crime, making it difficult to get a second one, in many cases he wouldn't have to. (Khalid al Midhar, the alleged suicide pilot of American Airlines Flight 77, which crashed into the Pentagon, reentered the country in July 2001 on just such a visa.)

But all of this may be trivial given the fact that once they're inside the country nobody plotting a terrorist act ever has to leave in the first place. After all, the only thing compelling an otherwise law-abiding terrorist to leave is the expiration of his visa. But since the INS doesn't even keep track of which visas expire when--it estimates the total number of expired visas, but nothing more--why would anyone worried about being admitted into the country risk leaving? If the history of Islamist terrorism in the United States is any indication, they wouldn't. The four 9/11 hijackers illegally in this country at the time of the attack had entered legally but simply overstayed their time limits.

Does this mean the Justice Department's fingerprinting efforts couldn't possibly do any good? Of course not. There's always a chance we'll stumble onto someone who just wasn't thinking. Given that possibility, many wonder what the harm is in trying. But the question isn't whether fingerprinting would work at all; it's whether the return on fingerprinting would exceed the return on other counterterrorism measures. And the answer is a clear no.

The INS estimates it will spend $200 million just on integrating its fingerprint database with the FBI's--a job that is still far from complete. By the time you install the necessary hardware and trained personnel at every port of entry in the country--there are over 300 of them--the costs will likely run into the billions. Compare the limited return on that with other, no more costly measures likely to have a far greater impact--such as figuring out who has overstayed their visa. As Steve Camarota, research director for the Center for Immigration Studies, points out, "Wal-Mart scans a product when it comes in and when it leaves.... There's no technological impediment to tracking people [the same way]." This could entail something as innocuous as embedding a bar code in each visa and scanning it into a database upon entry and departure.

Still easier (and considerably cheaper) would be simply to change the rules for issuing visas--and enforcing the ones that exist. According to U.S. News & World Report, three of the 9/11 hijackers took advantage of a program called "Visa Express," meaning they obtained visas without being interviewed by consular officials. Another conspirator, the so-called twentieth hijacker Zacarias Moussaoui, used a visa-waiver program that allows French citizens, among others, to circumvent the process altogether. Doing away with these programs could do far more to stop terrorists from entering the country than even the most successful fingerprinting initiative.

So could training consular officials to enforce Section 214(b) of the Immigration and Nationality Act, which allows them to reject (nonimmigrant) visa candidates who lack compelling reasons to return to their countries of origin: wives and children, jobs, property, etc. The more of these characteristics a person meets, the less likely it is they'll turn out to be a suicide bomber. Conversely, it's probably not a coincidence that three of the 9/11 hijackers were young, unmarried, and cash-strapped; a fourth, Mohammed Atta, was unmarried and unemployed. As Camarota argues in a recent report, it's tough to see how they'd have been granted visas had 214(b) actually been applied.

And if after doing all this the Justice Department is still intent on fingerprinting, the right way to do it isn't at points of entry once terrorists have already obtained their visas. It's at consulates, where there's still a real chance of rejecting them. One of the worst-kept secrets among consular officials is that someone denied a visa at one consulate can simply change his identity and reapply at another--and so on until he finally succeeds. But if visa applicants were fingerprinted, a terrorist would be out of the visa game the first time he got rejected. That may not be as dramatic as "pulling people out of line" at an airport. On the other hand, it just might work.

This article originally ran in the June 24, 2002, issue of the magazine.